Contents

An Internet router typically maintains a set of queues, one per interface, that hold packets scheduled to go out on that interface. Historically, such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes), and dropped otherwise.

Active queue disciplines drop or mark packets before the queue is full. Typically, they operate by maintaining one or more drop/mark probabilities, and probabilistically dropping or marking packets even when the queue is short.

Drop-tail queues have a tendency to penalise bursty flows, and to cause global synchronisation between flows. By dropping packets probabilistically, AQM disciplines typically avoid both of these issues.[1]

By providing endpoints with congestion indication before the queue is full, AQM disciplines are able to maintain a shorter queue length than drop-tail queues, which combats bufferbloat and reduces network latency.

Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. Modern AQM disciplines (ARED, Blue, PI) are self-tuning, and can be run with their default parameters in most circumstances.

For AQM systems that drop packets (rather than using ECN marking), the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" What they fail to think about is that the packets will have to be dropped once the buffer is full. (Full buffers causes excessive latency [2]).

An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. The AQM&DoS Simulation Platform can simulate a variety of DoS attacks (Distributed DoS, Spoofing DoS, Low-rate DoS, etc.) and Active Queue Management (AQM) algorithms (RED, RRED, SFB, etc.). It automatically calculates and records the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. More details.